<?php
include_once("header.php");
?>
<?php
if($_POST["newPassword"] && $_POST["RnewPassword"])
{
	if($_POST["newPassword"] == $_POST["RnewPassword"])
	{
		$newPassword=$_POST["newPassword"];
		if(strlen($newPassword) > 7)
		{
			//generate md5
			$newPassword=md5(trim($newPassword));
			$username=$_SESSION["login"];
			//change password on table users (field -> ui_password)
			$qPassword=mysql_query("UPDATE users SET ui_password='$newPassword' WHERE email='$username'") or die(mysql_error());
			$affPassword=mysql_affected_rows();
			if($affPassword > 0){echo "<h3 style='color: blue; font-weight: bold;'>PASSWORD CHANGED</h3>";}			
			else {echo "<h3>ERROR</h3>";}
		}
		else {echo "<br><b><font color='red'>Invalid password length. Min 8 characters</font></b>";}
	}
	else {echo "<h2>Password does not match</h2>";}
}
else {
	if($_POST["action"] == 1)
	{
		echo "<h2>Password or confirmation empty!</h2>";
	}
}
?>
<h3>Change admin password</h3>
<h5>Only for PAM-UI access</h5>
<form method='post' action=''>
New Password
<br />
<input type='password' name='newPassword' size='20'>
<br />
<br />
Repeat new password
<br />
<input type='password' name='RnewPassword' size='20'>
<br />
<br />
<input type='submit' value='Change now!'>
<input type='hidden' name='action' value='1'>
</form>
<br />
<font color='red'>&raquo; use at least 8 characters</font><br />
<br />

<?php
include_once("footer.php");
?>
